﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;


namespace DLM.Web.MVC.Extensions
{
    public class UserAuthorizeAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext.HttpContext == null)
            {
                throw new ArgumentNullException("Http Context");
            }
            if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                HandleUnauthorizedRequest(filterContext);

            }
            if (!filterContext.HttpContext.User.IsInRole("User"))
            {
                HandleUnauthorizedRequest(filterContext);
                // filterContext.Result = new HttpUnauthorizedResult();
            }
            //base.OnAuthorization(filterContext);
        }

        protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
        {
            // System.Web.Security.FormsAuthentication.SignOut();
            filterContext.Result = new HttpUnauthorizedResult();
            //filterContext.RequestContext.HttpContext.Response.Redirect("~/Account/Login");

            //base.HandleUnauthorizedRequest(filterContext);
        }
    }
}